
Senior Manager, Security Engineering

Remote / Online - Candidates ideally in
Toronto, Ontario, C6A, Canada
Listing for: Rates.ca
Remote/Work from Home position
Listed on 2026-06-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Manager
Salary/Wage Range or Industry Benchmark: 125000 - 150000 CAD Yearly
Job Description & How to Apply Below
Position: Senior Manager, Security Engineering

About this Role

operates high-traffic, regulated financial and insurance platforms where security, data protection, and operational resilience are core business requirements.

Senior Manager, Security Engineering will:
  • Reduce real security risk over time
  • Embed security and compliance into engineering workflows without slowing delivery
  • Lead cyber-incident readiness and response, including cyber-insurance coordination
  • Use AI responsibly to improve security signal quality, speed, and coverage
What You Will Lead
  • Security Engineer and cross-functional security initiatives
  • Secure SDLC standards and enforcement across product teams
  • Third‑party risk management and vendor security oversight
  • Cyber‑incident command for security events (in partnership with Ops)
  • Data governance guardrails in collaboration with Platform and Engineering
Core Responsibilities
Security Engineering & Secure SDLC
  • Own Secure SDLC standards and tooling embedded into CI/CD and delivery workflows
  • Drive threat modeling, design reviews, and security architecture decisions
  • Ensure security findings are actionable, prioritized, and resolved predictably
  • Balance risk reduction with delivery velocity using a risk‑based approach
Compliance, Risk & Third‑Party Security
  • Lead compliance maturity aligned to PCI DSS, NIST CSF, and similar frameworks
  • Own audit readiness, evidence collection, and remediation tracking
  • Lead third‑party security risk assessments for critical vendors and integrations
  • Translate regulatory and insurer requirements into practical engineering controls
Cyber Resilience & Incident Response
  • Own cyber‑incident readiness, response playbooks, and escalation paths
  • Act as security incident commander during breaches and major security events
  • Coordinate with:
    • Engineering Operations
    • Legal & Privacy or Executive leadership
    • Cyber‑insurance carriers and forensics partners
  • Ensure post‑incident learning drives systemic improvement
AI‑Augmented Security

Security Engineering at  is AI‑enabled by design. You are expected to:

  • Govern enterprise use of AI across Engineering from a security and risk lens
  • Use AI to:
    • Triage and prioritize security findings
    • Explain vulnerabilities and remediation paths to software engineers
    • Reduce noise in alerts and security telemetry
    • Accelerate audit evidence preparation and incident documentation

Ensure all AI‑assisted security outputs are:

  • Reviewable by humans
  • Auditable and traceable
  • Acceptable to regulators and insurers

AI accelerates analysis — humans remain accountable for security decisions.

OKRs & KPIs (Performance‑Critical)

Primary OKR Ownership:

  • Embed security, compliance, and data governance into delivery without slowing it down

KPIs You Own (Trend‑Based):

  • Critical and high‑severity vulnerability exposure (open vs SLA)
  • % of security issues detected pre‑production
  • Audit findings count and severity
  • Third‑party risk assessment coverage and residual risk trend
  • Secure SDLC coverage across services
  • Cyber‑incident readiness and response effectiveness

AI‑Related Outcomes:

  • Improved signal‑to‑noise in vulnerability management
  • Faster, higher‑quality incident analysis and documentation
  • No security or compliance incidents caused by AI misuse

Improving these trends over time is a core performance expectation.

What You Bring
  • 12+ years in security engineering, application security, or cloud security
  • Experience leading security engineers or security programs at scale
  • Strong hands‑on understanding of:
    • Cloud security (AWS)
    • Secure SDLC and CI/CD security
    • Incident response and breach handling
  • Experience operating in regulated environments
  • Comfort owning decisions during high‑pressure security incidents
  • Experience with PCI DSS, NIST CSF, or similar frameworks
  • Third‑party/vendor risk management experience
  • Experience coordinating cyber‑insurance response and forensics
  • Familiarity with modern engineering stacks (Node/Vue, PHP/Drupal, cloud‑native)
  • Experience using or governing AI‑assisted security tooling
Our Perks
  • You get your Birthday off!
  • This role requires two in‑office days per week (Tuesday and Thursday), with an additional Wednesday in the office every other week
  • 4 weeks of ‘Work from Anywhere Program’ every year
  • Full employer‑paid benefits
  • RRSP Matching Program with Wealthsimple
  • Annual holiday…
Position Requirements
10+ Years work experience